Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/nhO9A91HdrVQ0-G0JjqRd38eqVA.roa
File: nhO9A91HdrVQ0-G0JjqRd38eqVA.roa (raw, json)
Hash identifier: avC+LXLIgEXyqvhm20I4EMQc2gx8ZfjitcH+kS2hh1g=
Subject key identifier: 9E:13:BD:03:DD:47:76:B5:50:D3:E1:B4:26:3A:91:77:7F:1E:A9:50
Certificate issuer: /CN=8b47aa09f2c610f6f44b4e75c1cd9dcd3884e55d
Certificate serial: 019426D950FAC44D181FC2DCB26D460C9ACB
Authority key identifier: 8B:47:AA:09:F2:C6:10:F6:F4:4B:4E:75:C1:CD:9D:CD:38:84:E5:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i0eqCfLGEPb0S051wc2dzTiE5V0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/nhO9A91HdrVQ0-G0JjqRd38eqVA.roa
Signing time: Thu 02 Jan 2025 11:49:23 +0000
ROA not before: Thu 02 Jan 2025 11:49:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48551
IP address blocks: 31.193.186.0/24 maxlen: 24
45.94.252.0/24 maxlen: 24
45.94.254.0/24 maxlen: 24
45.94.255.0/24 maxlen: 24
45.150.150.0/24 maxlen: 24
45.159.196.0/24 maxlen: 24
45.159.197.0/24 maxlen: 24
45.159.198.0/24 maxlen: 24
45.159.199.0/24 maxlen: 24
91.217.177.0/24 maxlen: 24
103.216.60.0/24 maxlen: 24
103.216.61.0/24 maxlen: 24
103.216.62.0/24 maxlen: 24
103.216.63.0/24 maxlen: 24
157.119.188.0/24 maxlen: 24
157.119.190.0/24 maxlen: 24
157.119.191.0/24 maxlen: 24
185.63.114.0/24 maxlen: 24
185.74.221.0/24 maxlen: 24
185.86.180.0/24 maxlen: 24
185.86.181.0/24 maxlen: 24
185.128.40.0/24 maxlen: 24
185.149.192.0/24 maxlen: 24
185.236.36.0/24 maxlen: 24
185.236.37.0/24 maxlen: 24
185.236.38.0/24 maxlen: 24
185.236.39.0/24 maxlen: 24
185.238.143.0/24 maxlen: 24
194.147.212.0/24 maxlen: 24
194.147.222.0/24 maxlen: 24
195.114.4.0/24 maxlen: 24
195.114.5.0/24 maxlen: 24
195.114.8.0/24 maxlen: 24
195.114.9.0/24 maxlen: 24
2a0d:9500::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 04 Mar 2025 07:24:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:50:fa:c4:4d:18:1f:c2:dc:b2:6d:46:0c:9a:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b47aa09f2c610f6f44b4e75c1cd9dcd3884e55d
Validity
Not Before: Jan 2 11:49:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9e13bd03dd4776b550d3e1b4263a91777f1ea950
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:ab:3d:1e:b1:93:06:a8:0c:bc:26:06:b6:20:
1a:af:ef:fb:1c:a9:84:44:51:c7:2a:f2:6a:4c:70:
3c:6d:09:8e:65:58:f7:c9:29:f9:a2:9f:59:9d:98:
05:fa:dd:75:17:7e:0c:a5:3d:14:11:54:8f:40:cf:
88:e1:f0:54:15:95:60:c2:ab:cd:e8:0a:03:38:56:
15:d0:bd:ab:5e:7d:cf:d2:08:88:f0:69:d4:5b:c9:
80:92:4b:6f:35:c7:6b:0a:5f:61:19:b1:22:cd:8d:
08:e0:b0:52:74:a8:3f:fe:7c:86:fd:0c:8c:a2:96:
cd:fd:a9:c1:44:34:95:a5:85:75:0a:2c:06:46:d7:
00:d2:dd:14:7c:5e:b7:5c:15:26:d5:40:ce:37:ec:
45:f9:d7:d2:55:f1:fb:4e:58:8e:1c:5a:8c:6d:0d:
74:52:2d:ee:b9:91:49:f3:ee:ee:f6:97:c1:b0:8a:
0b:7b:95:c7:c0:af:ed:aa:62:4d:c2:12:2f:b5:27:
e1:e3:aa:87:7d:23:8a:d7:1d:9b:0d:49:bb:49:50:
dd:fe:16:d1:ba:00:ed:2c:4a:7c:d0:58:f0:5f:9c:
96:ba:c1:02:2d:07:b2:87:79:61:80:94:2a:3c:b8:
44:88:0f:66:54:b5:35:3c:18:f1:96:3f:c3:a9:90:
cf:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:13:BD:03:DD:47:76:B5:50:D3:E1:B4:26:3A:91:77:7F:1E:A9:50
X509v3 Authority Key Identifier:
keyid:8B:47:AA:09:F2:C6:10:F6:F4:4B:4E:75:C1:CD:9D:CD:38:84:E5:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i0eqCfLGEPb0S051wc2dzTiE5V0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/nhO9A91HdrVQ0-G0JjqRd38eqVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/i0eqCfLGEPb0S051wc2dzTiE5V0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.186.0/24
45.94.252.0/24
45.94.254.0/23
45.150.150.0/24
45.159.196.0/22
91.217.177.0/24
103.216.60.0/22
157.119.188.0/24
157.119.190.0/23
185.63.114.0/24
185.74.221.0/24
185.86.180.0/23
185.128.40.0/24
185.149.192.0/24
185.236.36.0/22
185.238.143.0/24
194.147.212.0/24
194.147.222.0/24
195.114.4.0/23
195.114.8.0/23
IPv6:
2a0d:9500::/29
Signature Algorithm: sha256WithRSAEncryption
99:22:d2:65:67:19:fa:cf:53:37:a0:fe:95:07:cf:f9:6c:41:
d8:db:d3:a9:64:a7:40:6a:b5:55:55:cc:07:41:6a:1f:e6:e1:
6c:95:64:60:4a:44:bd:47:58:79:0c:95:aa:71:c0:38:23:10:
46:eb:93:8a:d5:1e:79:af:a5:ba:d5:0a:c3:75:8b:a7:d6:81:
6a:99:36:ee:bb:19:41:08:c2:80:2c:6c:1f:a1:60:83:af:49:
d6:2f:6a:72:b0:9c:e2:40:a6:ab:22:e0:19:40:60:30:c1:18:
a0:c3:dd:f6:46:5c:2c:1a:f1:2a:83:1d:e3:4a:32:e2:eb:58:
98:53:c9:3f:b8:c2:e4:dc:80:46:68:7f:48:00:30:5f:d5:69:
26:0a:d7:a8:87:cf:28:58:45:d6:b8:da:d8:7b:1c:2e:71:3b:
04:77:03:a9:35:55:22:e7:c9:2e:58:5f:9b:f5:64:f0:da:b3:
d5:f7:e4:2c:6c:68:3b:8e:cf:c1:e2:4f:e6:b5:e8:f6:c9:92:
c6:d7:70:fa:0a:ac:39:ec:95:c4:0b:4a:05:30:2d:40:36:ff:
e5:42:37:51:66:a9:26:05:7a:f6:db:b5:8a:14:27:fe:af:05:
8b:54:38:97:aa:2f:b7:22:00:9f:21:e4:5e:13:53:5d:fd:09:
bf:5b:5f:24
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgISAZQm2VD6xE0YH8Lcsm1GDJrLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiNDdhYTA5ZjJjNjEwZjZmNDRiNGU3NWMxY2Q5ZGNkMzg4
NGU1NWQwHhcNMjUwMTAyMTE0OTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTEzYmQwM2RkNDc3NmI1NTBkM2UxYjQyNjNhOTE3NzdmMWVhOTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Ks9HrGTBqgMvCYGtiAar+/7HKmE
RFHHKvJqTHA8bQmOZVj3ySn5op9ZnZgF+t11F34MpT0UEVSPQM+I4fBUFZVgwqvN
6AoDOFYV0L2rXn3P0giI8GnUW8mAkktvNcdrCl9hGbEizY0I4LBSdKg//nyG/QyM
opbN/anBRDSVpYV1CiwGRtcA0t0UfF63XBUm1UDON+xF+dfSVfH7TliOHFqMbQ10
Ui3uuZFJ8+7u9pfBsIoLe5XHwK/tqmJNwhIvtSfh46qHfSOK1x2bDUm7SVDd/hbR
ugDtLEp80FjwX5yWusECLQeyh3lhgJQqPLhEiA9mVLU1PBjxlj/DqZDPMQIDAQAB
o4ICjTCCAokwHQYDVR0OBBYEFJ4TvQPdR3a1UNPhtCY6kXd/HqlQMB8GA1UdIwQY
MBaAFItHqgnyxhD29EtOdcHNnc04hOVdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTBlcUNmTEdFUGIwUzA1MXdjMmR6VGlFNVYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9mNTYwZTEtNzg0MC00OTUxLWFiNzgt
NTAwMTUzOWQ3MTg1LzEvbmhPOUE5MUhkclZRMC1HMEpqcVJkMzhlcVZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9mNTYwZTEtNzg0MC00OTUxLWFiNzgtNTAwMTUzOWQ3MTg1
LzEvaTBlcUNmTEdFUGIwUzA1MXdjMmR6VGlFNVYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGiBggrBgEFBQcBBwEB/wSBkjCBjzB+BAIAATB4AwQAH8G6
AwQALV78AwQBLV7+AwQALZaWAwQCLZ/EAwQAW9mxAwQCZ9g8AwQAnXe8AwQBnXe+
AwQAuT9yAwQAuUrdAwQBuVa0AwQAuYAoAwQAuZXAAwQCuewkAwQAue6PAwQAwpPU
AwQAwpPeAwQBw3IEAwQBw3IIMA0EAgACMAcDBQMqDZUAMA0GCSqGSIb3DQEBCwUA
A4IBAQCZItJlZxn6z1M3oP6VB8/5bEHY29OpZKdAarVVVcwHQWof5uFslWRgSkS9
R1h5DJWqccA4IxBG65OK1R55r6W61QrDdYun1oFqmTbuuxlBCMKALGwfoWCDr0nW
L2pysJziQKarIuAZQGAwwRigw932RlwsGvEqgx3jSjLi61iYU8k/uMLk3IBGaH9I
ADBf1WkmCteoh88oWEXWuNrYexwucTsEdwOpNVUi58kuWF+b9WTw2rPV9+QsbGg7
js/B4k/mtej2yZLG13D6Cqw57JXEC0oFMC1ANv/lQjdRZqkmBXr227WKFCf+rwWL
VDiXqi+3IgCfIeReE1Nd/Qm/W18k
-----END CERTIFICATE-----
Generated at Tue Apr 22 22:59:43 2025 by rpki-client